Tag: hacking
-
New ShadowRay Exploit Targets Vulnerability in Ray AI Framework to Attack AI Systems
Tags: ai, attack, botnet, computing, control, cyber, exploit, framework, hacking, intelligence, open-source, vulnerabilityOligo Security researchers have uncovered an active global hacking campaign that leverages artificial intelligence to attack AI infrastructure. The operation, dubbed ShadowRay 2.0, exploits a known yet disputed vulnerability in Ray an open-source framework powering numerous AI systems worldwide to seize control of computing clusters and conscript them into a self-replicating botnet capable of cryptojacking,…
-
50,000 CCTVs Hacked in India: Intimate Hospital Footage Sold Online
A disturbing case of hacking CCTV systems in India has exposed a widespread cybercrime racket through which intimate videos from a maternity ward were stolen and sold online. Police in Gujarat state say the discovery has raised concern for surveillance practices in a country where cameras are routinely placed across public and private spaces. First…
-
Anthropic AI-powered cyberattack causes a stir
Tags: ai, attack, china, cyber, cyberattack, cybersecurity, espionage, finance, government, group, hacking, programming, technology, toolAI “‹”‹company Anthropic recently announced that companies worldwide have been attacked by an AI-powered cyber espionage campaign. It is purported to be the first publicly documented case of a cyberattack carried out by an AI model.According to the research report, around 30 organizations worldwide were affected by the attacks. These included large technology companies, financial institutions,…
-
Google Finds New Malware Backdoors Linked to Iran
Hacking Group Deploys Raft of Custom Malware Variants. An Iranian state hacking group with a history of targeting aerospace, aviation and defense industries across the Middle East has improved its tooling with multiple custom malware variants, warned Google. The group, tracked as UNC1549, is suspected of ties to the Iranian Revolutionary Guard Corps. First seen…
-
Kamel Ghali on what’s ‘theoretically possible’ in car hacking
White-hat hacker and pentester Kamel Ghali talks with the Click Here podcast team about how cars became computers on wheels, and why, in the race for smarter tech, safety is still trying to catch up. First seen on therecord.media Jump to article: therecord.media/car-hacking-interview-kamel-ghali-click-here-podcast
-
âš¡ Weekly Recap: Fortinet Exploited, China’s AI Hacks, PhaaS Empire Falls & More
This week showed just how fast things can go wrong when no one’s watching. Some attacks were silent and sneaky. Others used tools we trust every day, like AI, VPNs, or app stores, to cause damage without setting off alarms.It’s not just about hacking anymore. Criminals are building systems to make money, spy, or spread…
-
A Major Leak Spills a Chinese Hacking Contractor’s Tools and Targets
Plus: State-sponsored AI hacking is here, Google hosts a CBP face recognition app, and more of the week’s top security news. First seen on wired.com Jump to article: www.wired.com/story/major-leak-spills-chinese-hacking-contractor-tools-targets/
-
AI Tool Ran Bulk of Cyberattack, Anthropic Says
Claude Ran Up to 90% Intrusion Tasks Autonomously in China-Linked Campaign. A Chinese state-linked hacking group relied on the Claude Code model to automate most of a cyberespionage campaign against dozens of organizations, Anthropic said. The AI firm describes the campaign as the first verified case of an AI system handling the bulk of a…
-
China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work
Anthropic and AI security experts told CyberScoop that behind the hype, effective AI-driven cyberattacks still require skilled humans, with the attack possibly done to send a message as to show what’s possible. First seen on cyberscoop.com Jump to article: cyberscoop.com/anthropic-ai-orchestrated-attack-required-many-human-hands/
-
Chinese Tech Firm Leak Reportedly Exposes State Linked Hacking
A massive data leak reportedly at Chinese firm Knownsec (Chuangyu) exposed 12,000 files detailing state-backed ‘cyber weapons’ and spying on over 20 countries. See the details, including 95GB of stolen Indian immigration data. First seen on hackread.com Jump to article: hackread.com/chinese-tech-firm-leak-state-linked-hacking/
-
Chinese Tech Firm Leak Reportedly Exposes State Linked Hacking
A massive data leak reportedly at Chinese firm Knownsec (Chuangyu) exposed 12,000 files detailing state-backed ‘cyber weapons’ and spying on over 20 countries. See the details, including 95GB of stolen Indian immigration data. First seen on hackread.com Jump to article: hackread.com/chinese-tech-firm-leak-state-linked-hacking/
-
Researchers question Anthropic claim that AI-assisted attack was 90% autonomous
The results of AI-assisted hacking aren’t as impressive as many might have us believe. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/11/researchers-question-anthropic-claim-that-ai-assisted-attack-was-90-autonomous/
-
Researchers question Anthropic claim that AI-assisted attack was 90% autonomous
The results of AI-assisted hacking aren’t as impressive as many might have us believe. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/11/researchers-question-anthropic-claim-that-ai-assisted-attack-was-90-autonomous/
-
Hackers Exploited Cisco ISE Zero-Day
Tags: access, authentication, cisco, control, exploit, flaw, hacker, hacking, network, remote-code-execution, software, vulnerability, zero-dayFlaw Enabled Remote Code Execution, Say AWS Researchers. Researchers from AWS said they spotted a hacking campaign taking advantage of a zero-day vulnerability in Cisco network access control software before the routing giant patched it earlier this year. The flaw let attackers perform pre-authentication remote code execution. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hackers-exploited-cisco-ise-zero-day-a-30031
-
Operation Endgame Hits Rhadamanthys, VenomRAT, Elysium Malware, seize 1025 servers
Europol-led Operation Endgame seizes 1,025 servers and arrests a key suspect in Greece, disrupting three major global malware and hacking tools, including Rhadamanthys, VenomRAT and Elysium botnet. First seen on hackread.com Jump to article: hackread.com/operation-endgame-rhadamanthys-venomrat-elysium-malware/
-
Federal agencies not fully patching vulnerable Cisco devices amid ‘active exploitation,’ CISA warns
Federal civilian agencies are not patching vulnerable Cisco devices sufficiently to protect themselves from an active hacking campaign, the Cybersecurity and Infrastructure Security Agency warned. First seen on therecord.media Jump to article: therecord.media/federal-cisco-patches-warning
-
Federal agencies not fully patching vulnerable Cisco devices amid ‘active exploitation,’ CISA warns
Federal civilian agencies are not patching vulnerable Cisco devices sufficiently to protect themselves from an active hacking campaign, the Cybersecurity and Infrastructure Security Agency warned. First seen on therecord.media Jump to article: therecord.media/federal-cisco-patches-warning
-
Synology fixes BeeStation zero-days demoed at Pwn2Own Ireland
Synology has addressed a critical-severity remote code execution (RCE) vulnerability in BeeStation products that was demonstrated at the recent Pwn2Own hacking competition. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/synology-fixes-beestation-zero-days-demoed-at-pwn2own-ireland/
-
WinRAR Vulnerability Exploited by APT08 to Target Government Agencies
The notorious APT-C-08 hacking group, also known as BITTER, has been observed weaponizing a critical WinRAR directory traversal vulnerability (CVE-2025-6218) to launch sophisticated attacks against government organizations across South Asia. This development marks a concerning evolution in the threat actor’s capabilities, as the group leverages this easily exploitable flaw to infiltrate sensitive systems and steal classified…
-
WinRAR Vulnerability Exploited by APT08 to Target Government Agencies
The notorious APT-C-08 hacking group, also known as BITTER, has been observed weaponizing a critical WinRAR directory traversal vulnerability (CVE-2025-6218) to launch sophisticated attacks against government organizations across South Asia. This development marks a concerning evolution in the threat actor’s capabilities, as the group leverages this easily exploitable flaw to infiltrate sensitive systems and steal classified…
-
New “KomeX” Android RAT Hits Hacker Forums with Tiered Subscriptions
A sophisticated Android remote-access trojan named KomeX RAT has emerged on underground hacking forums, with the threat actor Gendirector actively marketing the malware through tiered subscription models. The malware, built on the foundation of previously documented BTMOB, poses a significant threat to Android device owners due to its extensive capabilities and aggressive advertising campaign within…
-
Europe Hosts First In-Orbit Satellite Cybersecurity Competition
D-Orbit and the ethical hacking collective mhackeroni have concluded CTRLSpace CTF, the first in-orbit satellite cybersecurity competition ever held in Europe. The event, organized with the support of the European Space Agency’s (ESA) Security Cyber Centre of Excellence and ESA’s Security Office, marked a major step toward strengthening Europe’s space defence capabilities. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/europe-hosts-first-in-orbit-satellite-ctf/
-
Europe Hosts First In-Orbit Satellite Cybersecurity Competition
D-Orbit and the ethical hacking collective mhackeroni have concluded CTRLSpace CTF, the first in-orbit satellite cybersecurity competition ever held in Europe. The event, organized with the support of the European Space Agency’s (ESA) Security Cyber Centre of Excellence and ESA’s Security Office, marked a major step toward strengthening Europe’s space defence capabilities. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/europe-hosts-first-in-orbit-satellite-ctf/
-
Hackers Exploit Websites to Inject Malicious Links for SEO Manipulation
A surge in online casino spam is reshaping the dark corners of the internet, with threat actors increasingly hacking websites to embed malicious SEO-boosting links. This evolving tactic aims to promote online gambling sites by hijacking the authority of legitimate websites putting site owners and unsuspecting users alike at risk. Historically, blackhat SEO spam campaigns…
-
Hackers Exploit Websites to Inject Malicious Links for SEO Manipulation
A surge in online casino spam is reshaping the dark corners of the internet, with threat actors increasingly hacking websites to embed malicious SEO-boosting links. This evolving tactic aims to promote online gambling sites by hijacking the authority of legitimate websites putting site owners and unsuspecting users alike at risk. Historically, blackhat SEO spam campaigns…
-
Data Leak Exposes Chinese State-Sponsored Cyber Arsenal and Target Database
Tags: breach, china, cyber, cybersecurity, data, data-breach, government, hacking, international, leak, theft, toolIn early November 2025, a massive data breach at Knownsec, a prominent Chinese cybersecurity firm with government ties, sent shockwaves through the international security community. The incident, reported on November 2, resulted in the theft of over 12,000 classified documents exposing sophisticated state-sponsored cyber weapons, internal hacking tools, and a comprehensive global target list spanning…
-
Data Leak Exposes Chinese State-Sponsored Cyber Arsenal and Target Database
Tags: breach, china, cyber, cybersecurity, data, data-breach, government, hacking, international, leak, theft, toolIn early November 2025, a massive data breach at Knownsec, a prominent Chinese cybersecurity firm with government ties, sent shockwaves through the international security community. The incident, reported on November 2, resulted in the theft of over 12,000 classified documents exposing sophisticated state-sponsored cyber weapons, internal hacking tools, and a comprehensive global target list spanning…
-
Data Leak Exposes Chinese State-Sponsored Cyber Arsenal and Target Database
Tags: breach, china, cyber, cybersecurity, data, data-breach, government, hacking, international, leak, theft, toolIn early November 2025, a massive data breach at Knownsec, a prominent Chinese cybersecurity firm with government ties, sent shockwaves through the international security community. The incident, reported on November 2, resulted in the theft of over 12,000 classified documents exposing sophisticated state-sponsored cyber weapons, internal hacking tools, and a comprehensive global target list spanning…
-
Washington Post confirms data breach linked to Oracle hacks
The Washington Post is the latest victim of a hacking campaign by the notorious Clop ransomware gang, which relied on vulnerabilities in Oracle software used by many corporations. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/07/washington-post-confirms-data-breach-linked-to-oracle-hacks/